CVE-2020-9520

Summary

A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled JavaScript will execute in the security context of the target user’s browser.

Affected Software

VendorProductVersion RangeStatus
Micro Focus InternationalMicro Focus Vibe.All Vibe version prior to Vive 4.0.7.affected

Weaknesses

  • Stored XSS

ADP Enrichment

CVE Program Container

Additional References

References